Systems and methods for out-of-band booting of a computer

ABSTRACT

The present invention is directed to systems and methods for remotely booting a server computer system. A boot request is received from the server computer. An access request is transmitted to a boot management system via a secondary communication channel in response to the received boot request. An access response is received from the boot management system. The access response includes boot data from a boot image accessible via the boot management system and compatible with the server computer. In response to the received access response, the boot data is extracted from the access response and forwarded to the server computer for processing and booting. Multiple responses may be required in certain instances to accumulate the entirety of the boot image.

BACKGROUND

The present invention is directed to systems and methods for out-of-bandbooting of a computer. More specifically, without limitation, thepresent invention relates to computer-based remote boot systems andmethods for booting a server computer having a hot swap interface and aprimary communication channel used to provide access to clientcomputers, without requiring shutdown of the server computer orcommunication with the server computer via the primary communicationchannel, using a secondary communication channel connected to a bootmanagement system.

A server normally boots from its usual source, which can be a local diskor boot device (for example, flash ROM etc.) attached to it or from aremote boot device through a primary communication channel such as the“usual” network (LAN) connection. Failure of a server can cause problemsranging from minor inconvenience to catastrophic losses of time andmoney.

Theoretically, it would be desirable if a server did not fail atanytime. However, in a practical sense, server failures do occur. Highavailability sometimes is referred to by the time the server providesthe service to its clients and measured by the number of nines (° 9′).This number is a measurement of the approximation of the percentages ofthe amount of time the server provides the service per year. Followingis the industry wide report about the ‘nine factors’ (see, e.g.,“Providing Open Architecture High Availability Solutions,” February,2001, p. 13, http://www.haforum.org). Downtime per Number of ‘9s yearTypical application 3 nines (99.9%) ˜9 hours Desktops 4 nines (99.99%)˜2 hour Enterprise server 5 nines (99.999%) ˜5 minutes Carrier classserver 6 nines (99.9999%) ˜31 seconds Carrier switch equipmentsThe main purpose of alternate boot strategy technology is to increasethe availability and serviceability of a server. The fault management ofthe server may consist of the followings components:

-   -   1. Detection—the fault is detected properly    -   2. Diagnosis—detect the root cause of the fault    -   3. Isolation—so the rest of the system is not affected from the        fault    -   4. Recovery—system is restarted for further operation    -   5. Repair—the faulty component is removed

Among the above mentioned components detection, diagnosis and isolationcan be better performed through a remote boot from an OS of choice andwith proper diagnostic capability. This is due to the fact that theserver may be experiencing a fatal

problem, which can only be detected by an offline diagnostics. Anoffline diagnostic is a mechanism when the system is not operatingnormally. As the normal operation is suspended, the usual boot processis not possible and an out-of-band or virtual boot mechanism accordingto the present invention is more appropriate and advantageous.

Sometimes recovery and repair of the faulty components involve agraceful shutdown of the resident OS and replacement of one or more OScomponents. In such cases, the OS may not be functional to upgradeitself from a remote location. A virtual boot or out-of-band bootprotocol provides a solution to this situation that is not possible withprior art approaches.

If the server faces the problems due to faulty behavior of the usualboot process defined, then the alternate boot path is mandatory toachieve the desired number of nines and to reduce the downtime.

To prevent the common failure of the server, a backup policy for theboot procedure. Two common techniques with respect to the former includeproviding an alternative local boot path or a remote boot using aserver's primary communication channel with its clients.

As depicted in FIG. 1, a typical server computer 100 uses a local harddrive 120 as the source for the boot image used to boot the server; atypical alternative boot path could include use of a locally connecteddrive 130 loaded with a removable media such as a magnetic or opticaldisk containing a boot image or use of a second hard (fixed magneticmedia) drive or optical fixed media drive. The requirement that anadministrator must physically be present at the server to load and/orchange the removable media limits the usability of this approach. Theuse of a local fixed drive requires a local copy of the boot image andmay require local supervision by an administrator via input devices suchas keyboard 140 and mouse 150 and output devices such as monitor 160.

Another alternative approach to booting a server 100, as depicted inFIG. 2, involves use of a boot image stored on in remote data storage210 connected to the server's primary communication channel (e.g.,Ethernet 230) with its clients 220, or to a secondary communicationchannel (e.g., secondary network 240). However, this mechanism fails toallow upgrade of any faulty component from multiple mass-storage images.For example, to rectify some problems, the OS must be upgraded, and thisrequires a series of images stored in multiple removable magnetic and/oroptical disks, as the boot image is a static image and server cannotrefer to other images. Also in some cases, to diagnose a typicalproblem, a series of tests may be executed from different mass-storagedevices. A standard protocol to boot from a remote image does not allowthis to occur.

In this method, a boot image is prepared and made accessible to theserver 100 (through either in-band 230 or out-of-band 240) at anytimefrom a centralized location 210. Several prior art protocols alreadysupport this such as PXE (Preboot Execution Environment). However, thismechanism fails to upgrade any faulty component from multiplemass-storage images. For example, to rectify some problems, OS must beupgraded and this requires a series of images stored in multiple CDROMor floppies. As the boot image is a static image and server cannot referto other images because the standard prior art protocols do not definethis. Also in some cases, to diagnose a typical problem, a series oftests may be executed from different mass-storage devices. A protocol toboot from a remote image does not allow this to occur.

The out-of-band systems and methods according to the present inventionavoid these limitations. A boot device is implemented at the serverside. This device is presented as a ghost device or a virtual device tothe server and the software components (such as BIOS and OS). Suchdevices will be presented as early in the power on process of theserver. Hence the server can find this as a potential mass-storagedevice to boot from. The main advantage of such mechanism is once theboot process starts, it can follow with unlimited references of othermass-storage devices and images. As a result, server can be repaired (orupgraded) easily.

SUMMARY

The present invention is directed to systems and methods for remotebooting of a server. One preferred embodiment of a remote boot systemaccording to the present invention includes a system processor, a firstcommunication interface adapted to connect the remote boot system to ahot swap interface of a server computer, and a second communicationinterface adapted to connect the remote boot system to a secondarycommunication channel allowing communication with a boot managementsystem. The server computer will have one or more primary communicationchannels that it may use for communicating with various clients. Thesystem processor is in communication with the first and secondinterfaces via any suitable communication channel or channels, in onepreferred embodiment the system processor communicates with theinterfaces via a system bus local to the remote boot system. The systemprocessor may include one or more processing elements that provide bootrequest processing, input output reception/conversion/transmissionand/or other functionality.

Accordingly, one preferred method of remotely booting a server accordingto the present invention includes a variety of steps that may, incertain embodiments, be executed by the environment summarized above andmore fully described below or be stored as computer executableinstructions in and/or on any suitable combination of computer-readablemedia. A boot request is received from the server computer. This bootrequest may result from the server computer's detection of an error orfailure of its hardware and/or software; such detection may occurduring, or subsequent to, the server computer booting. An access requestis transmitted to a boot management system via a secondary communicationchannel in response to the received boot request. An access response isreceived from the boot management system. The access response includesboot data from a boot image accessible via the boot management system.This boot image is compatible with the server computer; however, thisboot image may or may not be the same as the boot image via which theserver computer typically boots. Further, the boot image accessible viathe boot management system may not reside in and/or on a single datastore or computer readable media but rather may require access tomultiple data stores and/or computer readable media that may or may notbe of the same type (e.g., storage of part of the boot image on a harddisk and/or ROM memory local to the boot management system and/orstorage of part of the boot image on removable magnetic and/or opticalmedia that may be placed in an appropriate drive connected to the bootmanagement system). In response to the received access response, theboot data is extracted from the access response and forwarded to theserver computer for processing and booting.

Additional advantages of the invention will be set forth in part in thedescription which follows, and in part will be obvious from thedescription, or may be learned by practice of the invention. Theadvantages of the invention will be realized and attained by means ofthe elements and combinations particularly pointed out in the appendedclaims. It is to be understood that both the foregoing generaldescription and the following detailed description are exemplary andexplanatory only and are not restrictive of the invention, as claimed.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings, which are incorporated in and constitute apart of this specification, illustrate embodiments of the invention andtogether with the description, serve to explain the principles of theinvention.

FIG. 1 depicts a typical prior art local boot environment.

FIG. 2 depicts an alternative prior art approach using a remote bootimage.

FIG. 3 is a logical block diagram of the components in a typicalembodiment of the present invention.

FIG. 4 depicts one exemplary embodiment of the present invention.

FIG. 5 is a flow chart depicting a remote input/output process accordingto one preferred approach of the present invention.

FIG. 6 is a logical block diagram of the components in a typicalembodiment of a generalized remote peripheral access device according tothe present invention.

DETAILED DESCRIPTION

Exemplary embodiments of the present invention are now described indetail. Referring to the drawings, like numbers indicate like partsthroughout the views. As used in the description herein and throughoutthe claims that follow, the meaning of “a,” “an,” and “the” includesplural reference unless the context clearly dictates otherwise. Also, asused in the description herein and throughout the claims that follow,the meaning of “in” includes “in” and “on” unless the context clearlydictates otherwise. Finally, as used in the description herein andthroughout the claims that follow, the meanings of “and” and “or”include both the conjunctive and disjunctive and may be usedinterchangeably unless the context clearly dictates otherwise.

Ranges may be expressed herein as from “about” one particular value,and/or to “about” another particular value. When such a range isexpressed, another embodiment includes from the one particular valueand/or to the other particular value. Similarly, when values areexpressed as approximations, by use of the antecedent “about,” it willbe understood that the particular value forms another embodiment. Itwill be further understood that the endpoints of each of the ranges aresignificant both in relation to the other endpoint, and, independentlyof the other endpoint.

As used herein, and in the claims that follow, the following termsand/or acronyms will have the meanings indicated below unless thecontext clearly dictates otherwise.

-   -   ATA Advanced Technology Attachments    -   ATAPIATA Packet Interface    -   EIDE Enhanced Integrated Drive Electronics    -   FireWire I.E.E.E. 1394 Standard Bus Protocol    -   HIC Human Interface Component    -   Hot Swap Interface (HSI) An interface that supports the ability        to add and remove devices to a computer while the computer is        running and have the operating system automatically recognize        the change. Examples of interface include protocols and/or        standards supporting hot swapping include FireWire, PCMCIA and        USB.    -   IDE Integrated Drive Electronics    -   LAN Local Area Network    -   OBP Out-of-band Boot Protocol, one preferred embodiment of which        is described in greater detail below.    -   OS Operating System    -   RAC Remote Access Controller    -   REMIO Remote I/O Protocol, one preferred embodiment of which is        described in greater detail below.    -   RMC Remote Management Controller    -   SCSI Small Computer System Interface    -   USB Universal Serial Bus

Architecture

This section describes the main architecture of one or more preferredembodiments of the out-of-band boot procedure of a server of the presentinvention through dedicated hardware and/or software components. Suchcomponent also provides the ultimate manageability of the server throughremote access. This is achieved through use of a ‘virtual’ boot deviceat the server side. When the server experiences any difficulty or theusual way is not functional any more, the systems and methods accordingto the present invention allow the server to continue booting from aremote boot device through another path—known as ‘out-of-band’ way. Inone preferred embodiment, dedicated hardware and/or software componentsare present in the server to handle this scenario. Thishardware/software combination sometimes referred as RAC (Remote AccessController) or RMC (Remote Management Controller). This dedicatedhardware provides separate network/modem connectivity and helps theserver boot from the pre-specified boot device. Such network/modemconnectivity is not directly accessible to the server; instead it isdirectly accessible through the dedicated hardware. This dedicatedhardware differentiates the in-band and out-of-band connectivity to theserver. In summary, the method by which a server continues to boot evenwhen the usual boot mechanism is not available is referred herein as‘out-of-band boot’ or ‘virtual boot.’

FIG. 3 is a logical block diagram of a remote boot device 300 accordingto the present invention. The remote boot device 300 includes a firstcommunication interface 330 adapted to connect the device to the HSI ofthe server computer 310. The remote boot device 300 further includes asecond communication interface 340 adapted to connect the device to theboot management system 320 via a secondary communication path (a pathother than the standard path by which the server computer 310communicates with its clients). The device further includes a systemprocessor 350 for executing the actions required to perform a remoteboot procedure as discussed further below; in one preferred embodiment,the system processor may be one or more COLDFIRE family processors(Motorola, Inc., Schaumburg, Ill.), preferably M5272 processors.

The device 300 may be a stand-alone device external to the server. Insuch embodiments, the device 300 may have an integrated power supply(not shown) adapted for connection to a standard electrical poweroutlet. Other embodiments may 10 instead, or in addition, draw powerfrom the server computer 310 via the first communication interface 330.The device 300 may also include a battery backup power supply (notshown), which may in certain embodiments be rechargeable from a primarypower source (e.g., server computer 310, power outlet).

In other embodiments, the device 300 may be internal to the servercomputer 310. In such embodiments, the device may be integrated on themotherboard of the server computer 310. In such instances, the firstcommunication interface 330 may be internally and/or directly connectedto the hot swap interface of the server computer 310. An external porton the server case may be provided to connect any wiring that may beassociated with the secondary communication path. Instead of integrationwith the motherboard, the device 300 may be provided as an expansioncard to the server computer. In such embodiment, the device 300 mayfurther include a local bus interface (not shown) allowing connection tothe local system bus of the server computer 310. The local bus interfacecould be of any type suitable to the server computer 310 such as withone or more of ISA, EISA, PCI, PCI-X or PCMCIA. The device 300 may usethe local bus connection to supplement and/or improve efficiency ofaccessing the server computer, its memory and associated peripherals.Depending upon efficiencies and bus availability/functionality, thedevice 300 may selectively and/or dynamically access the server computer310 via the first communication interface 330 and/or the local busconnection. The local bus connection could be used 30 for suchfunctionality as initiating boot, performing direct memory access to theserver computer's primary storage and/or connecting with the servercomputer's peripheral devices for access and/or diagnostic purposes.

In either the integrated or addition case, power to the device may beprovided by the power supply of the server computer 310 directly, viathe first communication interface 330, or via a local bus connectionwhere present. In internal embodiments, the device 300 may also includea battery backup power supply (not shown), which may in certainembodiments be rechargeable from a primary power source.

In some embodiments, the processor 350 may include one or moregeneral-purpose processors such as an Intel 80386, 80486 or PENTIUMfamily of processor (Intel Corp., Santa Clara, Calif.). Alternatively,the processor 350 may be a special purpose processor such composed ofone or more FPGA or ASIC elements with or without hard coded logic thatperforms the boot processes according to the present invention. Further,the processor 350 may include a combination of processing elementsincluding general-purpose and/or special purpose processors. The termprocessing element may refer to (1) a process running on a particularpiece, or across particular pieces, of hardware, (2) a particular pieceof hardware, or either (1) or (2) as the context allows. In someembodiments, the boot processes and the peripheral remote controlfacilities may be spread across multiple processing elements.

In some embodiments, the device 300 may further include a system datastore (SDS) (not shown). The SDS could include a variety of primary andsecondary storage elements. In one preferred embodiment, the SDS wouldinclude RAM as part of the primary storage; the amount of RAM mightrange from about 128 MB to about 4 GB although these amounts could varyand represent overlapping use such as where the device provides otherfunctionality such as pure communication via the secondary communicationpath, remote management functionality other than for boot purpose orremote control/access of peripheral devices locally connected to theboot management system. In addition to, or instead of, RAM memory, someembodiments may include writeable non-volatile memory such as FLASHmemory; in one preferred embodiment, the amount of flash RAM might rangefrom about 64 KB to about t 6 MB. The primary storage may in someembodiments include other forms of memory such as cache memory,registers, non-volatile memory (e.g., ROM, EPROM, etc.), etc.

The SDS may also include secondary storage including single, multipleand/or varied servers and storage elements. For example, the SDS may useinternal storage devices connected to the system processor 350. It willbe understood by those skilled in the art that the different informationused in the boot processes and systems according to the presentinvention may be logically or physically segregated within a singledevice serving as secondary storage for the SDS; multiple related datastores accessible through a unified management system, which togetherserve as part of the SDS; or multiple independent data storesindividually accessible through disparate management systems, which mayin some embodiments be collectively viewed as part of the SDS. Thevarious storage elements that comprise the physical architecture of theSDS may be centrally located, or distributed across a variety of diverselocations. The storage elements may include one or more standardmagnetic and/or optical disk drives using any appropriate localinterface (e.g., IDE and SCSI) or network-based file system interface.

The architecture of the secondary storage of the system data store mayvary significantly in different embodiments. In several embodiments,database(s) are used to store and manipulate the data; in some suchembodiments, one or more relational database management systems, such asDB2 (IBM, White Plains, N.Y.), SQL Server (Microsoft, Redmond, Wash.),ACCESS (Microsoft, Redmond, Wash.), ORACLE 8i (Oracle Corp., RedwoodShores, Calif.), Ingres (Computer Associates, Islandia, N.Y.), MySQL(MySQL AB, Sweden) or Adaptive Server Enterprise (Sybase Inc.,Emeryville, Calif.), may be used in connection with a variety of storagedevices/file servers that may include one or more standard magneticand/or optical disk drives using any appropriate interface including,without limitation, IDE and SCSI. In some embodiments, a tape librarysuch as Exabyte XSO (Exabyte Corporation, Boulder, Colo.), a storageattached network (SAN) solution such as available from (EMC, Inc.,Hopkinton, Mass.), a network attached storage (NAS) solution such as aNetApp Filer 740 (Network Appliances, Sunnyvale, Calif.), orcombinations thereof may be used. In other embodiments, the data storemay use database systems with other architectures such asobject-oriented, spatial, object-relational or hierarchical or may useother storage implementations such as hash tables or flat files orcombinations of such architectures. Such alternative approaches may usedata servers other than database management systems such as a hash tablelook-up server, procedure and/or process and/or a flat file retrievalserver, procedure and/or process. Further, the SDS may use a combinationof any of such approaches in organizing its secondary storagearchitecture.

The boot management system 320 as use with and/or as part of the presentinvention will minimally include its own boot management system datastore, which may be of a form or format similar to the SDS as describedabove with respect to the remote boot device 300. During the bootprocesses such as described below, the boot management system will haveaccess to a boot image compatible with the server computer 310 via itsboot management system data store (a boot image input device). This bootimage may reside in and/or on any combination of fixed and/or removablemedia accessible to the boot management system. The boot managementsystem 320 further includes a management communication interface adaptedto connect the boot management system 320 with the secondarycommunication channel.

The boot management system 320 will further include a boot managementprocessor. As with the system processor 350 of the remote boot device300, the boot management processor may include one or moregeneral-purpose processors such as an Intel 80386, 80486 or PENTIUMfamily of processor (Intel Corp., Santa Clara, Calif.). Alternatively,this processor may be a special purpose processor such composed of oneor more FPGA or ASIC elements with or without hard coded logic thatperforms the boot processes according to the present invention. Further,this processor may include a combination of processing elementsincluding general-purpose and/or special purpose processors. The bootmanagement system may include software components stored on its datastore that support interaction with the remote boot device 300. Suchsoftware components may include elements that may and/or may not requirehuman interaction with the boot management system as further describedbelow.

The secondary communication interface 340 may in some embodiments be ageneralized interface adapted to receive suitable communication hardwareallowing communication with the boot management system 320 via thesecondary communication path. For instance, the secondary communicationinterface 340 may be a standard bus interface connection such as ISA,EISA, PCI, PCI-X or PCMCIA, which may accept suitable communicationhardware dependent upon the secondary communication path such hardwarein certain embodiments could include a modem, a network interfaceadapter and/or other suitable hardware. In other embodiments, the secondcommunication interface may include the requisite communication hardwaresupporting direct communication from the device 300 to the bootmanagement system 320 via the secondary communication path.

FIG. 4 depicts one preferred embodiment according to the presentinvention. Server 100 may have one or more local boot devices. Server100 may also have access to one or more remote boot images stored inremote data storage 210 that is accessible either through a primary(e.g., Ethernet 230) or an alternative (e.g., modem 240) communicationchannel.

Remote boot device 470 connects to the hot swap interface of server 100and connects to a secondary communication channel allowing communicationwith a boot management system 400. The remote boot device 470 mayinclude the communications hardware allowing communication with thesecondary communication channel, or such hardware may be separatelypurchased and connected to the secondary communication interface of theboot device. In some embodiments, the hardware of the remote boot devicemay be integrated into such communication hardware; for example, thehardware may be added to a modem or network interface card. Forinstance, remote boot device 470 could be an external modem connected tothe hot swap interface of server 100 and a telephone line that serves asthe secondary communication path. In some instances, such as shown inFIG. 4, the boot management system 400 may have a connection to theserver's primary communication channel (e.g., Ethernet 230); however,such a connection is not required.

In some embodiments, the boot management system may support a variety ofperipheral devices such as its data store (symbolically represented byhard drive 430), keyboard 440, mouse 450 and/or monitor 460. Anadministrator present at the boot management system 400 may use theseperipherals to remotely control the boot, diagnostic and/or upgrade ofthe server 100. In some instances, the administrator may be required touse these peripheral devices in order to control the progress of theactions taking place at the server 100. The administrator may need tomanually switch among removable media across which the boot image spansor switch between media containing differing diagnostics for executionon the server 100. The boot management system 400 may forward inputactions from its peripherals over the secondary communication channel tothe remote boot device 470 for ultimate delivery and execution by theserver 100. In addition, the server 100 may forward output actions thatwould be rendered by its local peripherals to the remote boot device 470for ultimate deliver and execution by the boot management system 400.

Remote Peripheral Access Architecture

As will be understood by those skilled in the art, the boot systems andmethods 10 described herein provide an exemplary embodiment of a remoteperipheral access system and method. Accordingly, any peripheralattached to, or a part of, the boot management system 400 may beaccessible or addressed as a hot swap device by the server computer 100via a remote peripheral access device as if the peripheral were a localhot swap peripheral attached to the server 100. The remote peripheralaccess device could include the same hardware as described with respectto the remote boot device 300 according to the present invention. Insuch an approach, the remote peripheral device would include thesoftware components that perform mappings with respect to peripherals inaddition to those described below with respect to the use of remoteperipheral access with respect to the booting procedures. Those skilledin the art would appreciate that the mappings as described below withspecific peripherals could be used as templates for implementingmappings with respect to any other peripheral device, or device type,for which remote access is desired.

FIG. 6 depicts a logical diagram of such a remote peripheral accessdevice 600. The hardware components depicted may include a hot swapinterface 630, peripheral 25 host communication interface 640 andprocessor 650. These hardware components may have the same parametersand variations as described above with respect to the analogouscomponents of remote boot device 300. Similarly, the remote peripheraldevice 600 may have the same variations and additional elements asdescribed with respect to the remote boot device 300 above. Theperipheral host communication interface 640 need not, however, connectto necessarily to a secondary communication path; this interface needonly connect to any suitable communication channel to the peripheralhost 620. The local computer 610 may use the remote peripheral accessdevice 600 to access on a hot swap basis any supported peripheraldirectly or indirectly connected to the remote peripheral host 620. Itwill be understood that one indirect approach would include a peripheralaccessible to remote peripheral host 620 via a further remote peripheralaccess device. The remote peripheral access device 600 would includesoftware for facilitating communication between the local computer 610and the remote peripheral host 620 as described below with respect tothe remote boot device 300. The mappings available, however, need not belimited to those required to support a booting process.

Remote Input/Output Processes

FIG. 5 depicts a process by which the device, which may in someembodiments be the remote boot device 300 or the remote peripheralaccess device 600 as described above, facilitates communication betweena local computer connected via the host swap interface and a remotecomputer connected to its second communication interface. The devicereceives an input and/or output request from the local computerconnected via the host swap interface in step 510. In one embodiment,this request may be a boot request that in some instances would betriggered by a boot failure with respect to one or more primary bootdevices detected by the local computer.

The request from the local computer may include data that must beextracted from this request. In other embodiments, the request mayinclude a reference to data pertinent to the request that the device mayacquire from local computer either directly or indirectly. For instance,in certain embodiments where the device includes a connection to thesystem bus of the local computer, the device may directly retrieve datafrom the primary storage of the local computer.

The device sends an access request to the remote computer in step 520.This request requests access to a target peripheral accessible to theremote computer. In certain embodiments, the request may be a bootrequest requesting access to a boot image accessible via the system datastore of the remote computer. If the request is for access to a targetperipheral for the purposes of output such as a monitor, a printer or awrite access to a storage device, the access request may further includedata to be output to the target peripheral; this included data may be aportion of a larger data set that will be output to the targetperipheral via multiple requests. In certain embodiments, the requestmay be encrypted or sent via an encrypted communication protocol. Thedevice may break a single access request into multiple units for ease oftransmission. For instance, the device could segment data captured fromthe local computer processor destined for its monitor into multipleaccess requests directed to a monitor accessible to the remote computer.

The device receives a response to the access request from the remotecomputer in step 530. The response may be a simple acknowledgment ofcorrection to the target peripheral, or an acknowledgment of completionof an output to the target peripheral. If the access request included arequest for data from a target peripheral at the remote computer such asa mouse, a keyboard or a read access of a storage device, the responsemay include data from the target peripheral; this included data may be aportion of a larger data set that will be transferred from the targetperipheral via multiple requests and/or responses. For instance, bootimage data, or a portion thereof, retrieved from the system data storeaccessible to the remote computer may be included in the response. Incertain embodiments, the response may be encrypted or sent via anencrypted communication protocol. A single access request may in certaininstance trigger multiple responses, or a single response broken intomultiple units for ease of transmission.

In step 540, the device extracts any data included in the response. Thedevice then sends any such data to the local computer in step 550. Thedevice would reformat any data received into a format compatible withdelivery via the hot swap interface and potentially with any devicedrivers resident on the local computer. The series of steps 520 to 540may be repeated to completely service the The remote computer includessoftware capable of communicating with the device. This software wouldreceive an access request from the device and formulate an appropriateresponse to the request. The request would include the identification ofa target peripheral accessible by the remote computer. The request mayinitiate an extended communication session between the device and theremote computer. In this instance, the response would include sessionspecific data to the device that would allow the device and the remotecomputer to maintain the consistency of the session.

Session specific data would then be used to exchange multiple requestsand responses. These requests and response may include data receivedfrom, or directed to, the target peripheral. In one exemplaryembodiment, the data received from the target peripheral may be bootimage data, or portions thereof.

In certain embodiments, the access request may include data in whichcase the software would extract the data from the request. The softwarewould then service the access request. The servicing of the accessingrequest may simply include forwarding extracted data to the targetperipheral and transmitting an acknowledgment response to the device. Ininstances where the request is seeking data from a target peripheral,the response may include the data from the target peripheral, such asboot image data. Multiple access requests may be required to send orreceive the complete set of data to or from the target peripheral.

In some embodiments, the software may include an interactive element. Insuch embodiments, an administrator may, or must, facilitate theservicing of requests. For instances, an administrator may be requiredto manually switch removable media in a drive local to the remotecomputer in order to provide a complete boot image that spans multipleremovable media. In another example, an administrator may use akeyboard, mouse and monitor at the remote computer to perform acontrolled boot of the local computer or to selectively performdiagnostics on the local computer.

Exemplary procedures and mappings in accordance with the remoteinput/output processed detailed above and useful for providing theremote booting aspect of the present invention are provided below. Thoseskilled in the art will understand that these procedures and mappingsare exemplary only and that other suitable procedures, encodings andmappings could be developed to support the remote booting within thecontext of the present invention.

Boot Procedure

In the boot procedure according to one exemplary method of the presentinvention, the server computer identifies a boot failure early in theboot procedure and is unable to identify and/or use either analternative local boot image and/or a standard 30 prior art remote bootimage. In this case, server finds a virtual device from which to boot.This device may be implemented by the dedicated hardware in the serveras described above.

In one preferred embodiment, the device connects to a remote intelligentHuman Interface Component (HIC) executing on the boot management systemthat allows interactive control of the remote boot. In otherembodiments, a ‘dumb’ boot image can be accessed and used for the bootprocedure by the server as if the boot image accessed according to thepresent invention were a local or prior art remote boot image.

The dedicated out-of-band hardware (remote boot device) may furthersupport a 10 more intelligent interactive boot process that may use amessage based protocol and a boot session between the remote boot deviceand the remote HIC. Accordingly, several methods may be used to initiatethe interaction with the remote HIC.

In one preferred approach, the server redirects all the boot servicerequests to the remote HIC while the server is booting. This may be donethrough the BBS (BIOS Boot Specification) compliant component present inthe remote boot device. This method, however, can be used only at thetime of power up of the server. Redirecting the services is not possibleat runtime while the OS is up and running and functioning normally. Soupdating any software component or diagnosing the server typicallyrequires a graceful shutdown of the server. This method is perfect forthe cases when the server is facing severe faults and becamenon-functional and needs a shutdown in any case.

In another preferred method, the remote boot device (such as CDROM) ispresented to the server as a hot swap device that includes a compatibleboot image, the BIOS can use that as the medium of its boot procedure.Upon accessing the device, the remote boot devices opens a remote bootsession with the HIC. Each device access or the I/O cycle isencapsulated by the remote boot device and used for the boot sessionwith the HIC.

Boot Session

In the approaches introduced above, a boot session is generallyestablished between the dedicated hardware of the remote boot device andthe remote HIC. This session is created at the time of the first bootingrequest from the server. The boot session in some embodiments mayrequire an login process for security; in some such embodiments, thelogin process and communications associated therewith may be encryptedand/or use an encrypted communication channel. The session carries allthe I/O commands as a special packet. For security, some embodiments mayencrypt such commands and/or the communication pathway for thesecommands. These command packets may be referred to as Remote BootSession or RBS packet. An exemplary implementation of RBS packets isdescribed in greater detail below. Each RBS packet is parsed andanalyzed by the remote HIC. Remote Boot Session or RBS packets performthe Remote I/O or REMIO functionality as described below.

REMIO Functionality

The REMIO functionality may, in one exemplary embodiment, use thedefinitions and packet structures defined as follows:

-   -   REMIO Server The remote machine on the network, which has the        actual IO device and serves the client thru REMIO packets.    -   REMIO Client The client machine on the network, which simulates        the IO device by accessing the server's IO device thru REMIO        packets.

In the case of the remote boot system according to the presentinvention, the boot management system serves as the REMIO Server and theremote boot device serves as the REMIO Client. In one preferredembodiment, a REMIO packet may have the following structure. REMIOPacket Structure: Number Offset Field Name of Bytes Comment Written By 0Signature 8 R, E, M, I, 0, Blank, Fixed Value Blank, Blank 8 REMIO 2REMIO Version- Server/client Version Major byte & Minor byte 10 Header 1REMIO Header Length Server/client Length (Currently 32 bytes) 11 Header1 Modulo 100 Checksum Server/client Checksum of Header 12 Data 4 Lengthof Data Server/client Length following Header 16 Device 1 See “AssignedClient Only Type Numbers for REMIO” 17 Protocol 1 See “Assigned ClientOnly Numbers for REMIO” 18 Sequence 4 Sequence Number Client Only No. 22Client Data 2 Client Specific Data Client Only (Not used by server) 24Dir_Status 1 See “Assigned Server/Client Numbers for REMIO” 25 Server 1See “Assigned Server Only Capability Numbers for REMIO” 26 Reserved 6Reserved for Future — Use

(Note: All the fields in one preferred embodiment are little endian andbinary format unless specified otherwise)

The protocol and device specific data follows the header. The format ofthis data is specific to the protocol and the devices. The followingdescription outlines certain assignments of with respect to the abovepacket structure as used in one preferred embodiment of the presentinvention.

Assigned Numbers for REMIO

Protocol:

-   -   1. Reserved    -   2. SCSI/ATAPI    -   3. Floppy    -   4. IDE/ATA        -   4-0×FF—Reserved

Device Type:

The High Bit specifies whether it is a removable device (1) or not (0)and the remaining 7 lower bits specify the device type as below:

-   -   1. Reserved    -   2. (Sequential Access) MagneticTape    -   3. (Direct Access) Floppy Disk    -   4. (Direct Access) Hard Disk    -   5. (Write Once device) WORM Optical disk    -   6. (Read Only) CD-ROM device    -   7. (Read Write) CD-RW device    -   8. Optical Memory Device (Non CD Optical devices)        -   8-0x7E—Reserved        -   0×7F—Unknown device

Dir Status:

The High Bit specifies the direction of the command

-   -   1—REMIO Client to REMIO Server    -   0—REMIO Server to REMIO Client

The lower 7 bits specify the status of the REMIO

-   -   1. Success.    -   2. Unsupported Protocol (Server does not support this protocol)    -   3. Unsupported Device (Server does not support this device)    -   4. Incompatible version (Server does not support this REMIO        version)        -   (The Client can retry with the version sent back by the            server, if it can support that version)        -   4—Corrupt Data (Either the signature is bad or checksum            incorrect)        -   5 to 0x7F—Reserved

Note: A detailed status about the operation of the device specificcommand is given in the data packet as defined by each protocol.

ServerCapability:

-   -   0—Reserved    -   1—Supports OOB Status        -   Others are reserved

Operation:

Startup:

The REMIO client always initiates the startup request command (with datalength=0, sequence=0) and sends to the REMIO server. The REMIO servershould check the version, protocol and device type to see whether it canbe supported and returns the proper status code. If an incompatibleversion error is returned, the return packet from server has the versionthe server can support. If the client can support this version, it canresend the startup request packet.

Command Requests:

During normal operation, the client forms the data packet as specifiedin the protocol and device formats, and sends to the server. For eachcommand it increments the sequence number. The client may or may notwait for the response packet. In either case, a proper timeout valueshould be used to retry the command with the new IO sequence number.

The server on receiving a command request packet, validates the header.If invalid header, it sends back with “Corrupt Data” status. (Theprotocol, version and device type can be checked for every packet, butit might not be needed, if the “Startup” sequence is implemented.)Otherwise, it starts processing the data part of the 15 packet and sendsthe response packet with the same sequence number.

Out of Band (OOB) Status:

In cases of removable devices, the client has to be repeatedly queriesthe server about the medium status (Removed or not). This will increaseunnecessary traffic and overhead for the client and server. To avoidthis OOB status method can be used. This is not mandatory, but willincrease the performance. During startup sequence, the client can usethe Server Capability field to determine the server support for OOBStatus.

The client on startup get the status using “Get Medium Status” definedfor the protocol/device and maintains the state in the client side. Theserver sends any change 25 in the medium status, in the same formatdefined for the command “Get Medium Status.”

Throughout this application, various publications may have beenreferenced. The disclosures of these publications in their entiretiesare hereby incorporated by reference into this application in order tomore fully describe the state of the art to which this inventionpertains.

The embodiments described above are given as illustrative examples only.It will be readily appreciated by those skilled in the art that manydeviations may be made from the specific embodiments disclosed in thisspecification without departing from the invention. Accordingly, thescope of the invention is to be determined by the claims below ratherthan being limited to the specifically described embodiments above.

1. A remote boot system for booting of a first computer having aconnection to a primary communication channel used to allow the firstcomputer to communicate with a client computer, and using a secondarycommunication channel connected to a boot management system, the remoteboot system comprising: a) a first communication interface adapted toallow the remote boot system to connect to the primary communicationchannel of the first computer; b) a second communication interfaceadapted to allow the remote boot system to connect to a secondarycommunication channel for communicating with a boot management system;c) a system processor in communication with the first and secondcommunication interfaces, wherein the system processor: i) receives bootdata from a boot image compatible with the first computer from the bootmanagement system via the second communication interface; ii) transmitsreceived boot data to the first computer via the first communicationinterface.
 2. The remote boot system of claim 1, wherein the systemprocessor further accumulates received boot data by repeating step i)until the boot image is complete prior to transmitting the accumulatedreceived boot data in step ii).
 3. The remote boot system of claim 1,wherein the system processor further repeats steps i) and ii) until theboot image has been completely transmitted to the first computer.
 4. Theremote boot system of claim 1, and further comprising a bus interfaceadapted to connect the boot system with a system bus associated with thefirst computer.
 5. The remote boot system of claim 2, wherein the remoteboot system receives power via the bus interface.
 6. The remote bootsystem of claim 1, wherein system processor further receives a bootrequest from the first computer via the first communication interface.7-12. (canceled)
 13. The remote boot system of claim 1, wherein thesystem processor further receives display data from the first computervia the first communication interface and transmits the display data tothe boot management system via the second communication interface,thereby causing the boot management system to display the display dataon a display device as if the display device were directly connected tothe first computer.
 14. The remote boot system of claim 7, wherein thesystem processor further converts the received display data into one ormore transport packets in a format that the boot management system caninterpret and wherein the system processor transmits the display data bytransmitting the one or more transport packets.
 15. The remote bootsystem of claim 1, wherein the system processor further receives inputdata from the boot management system via the second communicationinterface and transmits the input data to the first computer via thefirst communication interface, thereby causing the first computer toreact to the input data as if the input data were received from an inputdevice directly connected to the first computer.
 16. The remote bootsystem of claim 9, wherein the system processor further converts thereceived input data into one or more transport packets in a format thatthe first computer can interpret and wherein the system processortransmits the input data by transmitting the one or more transportpackets.
 17. The remote boot system of claim 1, wherein the remote bootsystem receives power via the first communication interface.
 18. Theremote boot system of claim 1, and further comprising a power supply.19. The remote boot system of claim 1, and further comprising a batterybackup power supply.
 20. The remote boot system of claim 13, wherein thebattery backup power supply is rechargeable via a power source. 21-33.(canceled)
 34. A remote device interface apparatus, for use in a firstcomputer system, for allowing a device connected to a second computersystem to interact with the first computer system, the remote deviceinterface apparatus comprising: a) a first communication interfaceadapted to allow the remote device interface apparatus to connect with afirst communications channel for communicating with the second computersystem; b) a second communication interface adapted to allow the remotedevice interface apparatus to connect with a second communicationchannel of the first computer; c) a system processor in communicationwith the first and second communication interfaces, wherein the systemprocessor: i) receives data from the second computer in a communicationsformat via the first communication interface, wherein the received datafrom the second computer comprises data received by the second computerfrom the device connected thereto; ii) translates the received data fromthe second computer into translated data from the second computer in aformat compatible with the second communication channel of the firstcomputer; and iii) transmits the translated data from the secondcomputer to the first computer via the second communication interface,thereby causing the first computer to react to the translated data fromthe second computer as if the device were directly connected to thefirst computer's second communication channel. iv) receives data fromthe first computer via the second communication interface in the formatcompatible with the first computer's second communication channel; v)translates the received data from the first computer into translateddata from the first computer, wherein the translated data from the firstcomputer corresponds to the received data from the first computer in thecommunications format; and vi) transmits the translated data from thefirst computer to the second computer via the first communicationinterface, thereby causing the second computer to interact with thedevice as if the transmitted translated data from the second computerwere locally generated by the second computer and directed to thedevice.